From ce551a3925a1cf9c7824e26a246b99b6773bda4b Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Fri, 5 May 2017 12:48:12 +0200
Subject: avcodec/tiertexseqv: set the fixed dimenasions, do not depend on the
 demuxer doing so

Fixes: out of array access
Fixes: 1348/clusterfuzz-testcase-minimized-6195673642827776

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/tiertexseqv.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'libavcodec/tiertexseqv.c')

diff --git a/libavcodec/tiertexseqv.c b/libavcodec/tiertexseqv.c
index 06c5fd6b09..af39f74d7d 100644
--- a/libavcodec/tiertexseqv.c
+++ b/libavcodec/tiertexseqv.c
@@ -213,10 +213,15 @@ static int seqvideo_decode(SeqVideoContext *seq, const unsigned char *data, int
 static av_cold int seqvideo_decode_init(AVCodecContext *avctx)
 {
     SeqVideoContext *seq = avctx->priv_data;
+    int ret;
 
     seq->avctx = avctx;
     avctx->pix_fmt = AV_PIX_FMT_PAL8;
 
+    ret = ff_set_dimensions(avctx, 256, 128);
+    if (ret < 0)
+        return ret;
+
     seq->frame = av_frame_alloc();
     if (!seq->frame)
         return AVERROR(ENOMEM);
-- 
cgit v1.2.1